package com.habdqn.jspdemo.im.filter;

import com.habdqn.jspdemo.im.enetity.User;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * 权限过滤器
 * 对所有公司相关的操作进行过滤，必须用户登录以后才能访问
 * @author Administrator
 */
//@WebFilter(filterName = "AuthorityFilter",value = "/company/*")
public class AuthorityFilter implements Filter {
    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        //验证Session中是否有user信息
        HttpServletRequest hsq = (HttpServletRequest)req;
        HttpSession session = hsq.getSession();
        //如果session中的user不为空，放行
        User user = (User)session.getAttribute("user");
        if(user!=null) {
            chain.doFilter(req, resp);
        }else{
            //跳转到登陆页要求用户登录
            hsq.setAttribute("mess","请登录再访问！");
            hsq.getRequestDispatcher("/login.jsp").forward(req,resp);
        }
    }

    @Override
    public void init(FilterConfig config) throws ServletException {

    }

}
